<code>elements with newlines in the text which use CSS to specify
white-space:prewill have the newlines improperly stripped if the element is not attached to the document at the time the stripping is done. Also, on IE 6, all newlines will be stripped from
<code>elements because of the way IE6 produces
innerHTML. Workaround: use
<pre>for code with newlines.
prettyPrintOnewas not halting. This was not reachable through the normal entry point.
is no longer applicable.
Caveats: please properly escape less-thans. x<y instead of x<y, and use " instead of " for string delimiters.
[charsets] should not end regex
nocodespans to allow embedding of line numbers and code annotations which should not be styled or otherwise affect the tokenization of prettified code. See the issue 22 testcase.
<code>blocks with embedded newlines.
so that the output works when embedded in XML. Bug 108.
prettyPrintOneinjects the HTML passed to it into a
<pre>element. If the HTML comes from a trusted source, this may allow XSS. Do not do this. This should not be a problem for existing apps since the standard usage is to rewrite the HTML and then inject it, so anyone doing that with untrusted HTML already has an XSS vulnerability. If you sanitize and prettify HTML from an untrusted source, sanitize first.